Security in the use of ICTs

APT-ITU workshop on the International Telecommunications RegulationsBangkok, 6-8 February 2012Preetam Maloor, ITU

Current Proposals to WCIT regarding the ITRs• The 1988 ITR does not contain explicit provisions on security in

the use of ICTs– The reference in Article 9 to avoiding technical harm was

added in light of the Morris worm, or Internet worm of 2 November 1988.

• Some specific proposals have been submitted to CWG-WCIT that are clearly related to Cybersecurity– Adding new articles on security in the use of ICTs– Amending existing articles (e.g. article 8), in order to include

security related elements– Making specific references to countermeasures against spam

(in line with WTPF Opinion 6)

There is no consensus on the proposals

• ITU plays an important role in resolving new and emerging issues (PP-10 Resolution 171) and has developed a number of activities with regard to building confidence and security in the use of ICTs

• Following the World Summit on the Information Society (WSIS), Heads of States and world leaders entrusted ITU to take the lead in coordinating international efforts as the sole Facilitator of Action Line C5, "Building confidence and security in the use of ICTs".

• Resolutions from PP, WTSA, WTDC call upon more ITU involvement in building confidence and security in the use of ICTs

• In the Global Cybersecurity Agenda (GCA), ITU promotes international cooperation aimed at proposing strategies for solutions to enhance confidence and security in the use of ICTs

• ITU-T Study Group 17 is the Lead Study Group for Telecommunication security, and ITU-T Lead Study Group for Identity management

• ITU-D Study Group 1 Question 22 on Securing information and communication networks: best practices for developing a culture of cybersecurity

ITU’s role and mandate

• The global cyber threat landscape• The definitions• International cooperation and agreed international

norms and principles• International standards• The interdependencies

Global Challenges

January 2011

• Major cyber intrusion in Defense Research and Development in Canada. Finance Department and Treasury board forced to disconnect from the internet

March2011

• Hackers penetrate French government computer network• South Korea Defense Network penetrated• RSA Secure ID compromised• Attacks at EU’s Commission and External Action Service

June2011

• Attacks at Sony. Millions of logins leaked• Attacks at NATO internal network• Attacks at International Monetary Fund (IMF)• Hackers disrupt 51 Malaysian government websites• UK Treasury under sustained cyberattack

October2011

• Cyber-attacks on UK at disturbing levels• Japan under Heavy Cyber Attack

November2011

• Hackers destroyed a pump used by a US water utility• Duqu computer virus Detected by Iran civil defense organization• More than 100 Pakistani Government Sites Under Malware attack• Thousands of United Nation (UNDP) logins leaked• Cyber attacks hit Fujitsu local government system in Japan• Largest DDOS attack hit Chinese company

Global Challenges - The global cyber threat landscape

• There is not yet a globally accepted definition of security in the use of ICTs

• IGOs and SDOs have their own definition – ITU-T Recommendation X.1205

• Member States might use different definitions– 2009 US National Infrastructure Protection Plan– Dutch national strategy

• Dictionaries provide other definition– Oxford dictionary

Global Challenges - The definitions

• Cyberattacks can originate and strike anywhere around the globe.• There have been calls for:

– norms and principles agreed by the international community for acceptable state behavior in cyberspace

– international minimum standard of relevant offences internationally imposed

– harmonized legal frameworks, where domestic laws contain provisions on international cooperation

Global Challenges - International cooperation and agreed international norms and principles

Cyber threats are inherently international in scope and require multi-stakeholder international cooperation

• Building Security in the use of ICTs require legal, organizational and technical capabilities

• Standards can complement the overall efforts, providing interoperability and conformance of security while meeting regulatory constraints of countries and regions

• The adoption of common technical standards can also help developing countries and bring them up to speed (bridging the standardization gap)

Global Challenges - International standards

• Telecom Sector and the Internet are considered as interconnected and interdependent systems

• Infrastructures that have been in isolation so far, are being increasingly supported by telecommunication (e.g. industrial automation networks, intelligent transportation systems (ITS), e-government networks)

• This paradigm shift of interconnected systems makes ICTs susceptible to cyberattacks of unforeseeable impact

Global Challenges - Interdependencies

• The security in the use of ICTs have been an increasing international concern over the past 10 years.

• Countries, regional and international organizations started to elaborate and develop Cybersecurity policies and strategies– National efforts (National strategies and plans – e.g. US,

UK, Germany, Estonia, Australia, Malaysia, South Korea and Brazil, among others – India and South Africa also started)

– Regional and cross regional efforts (EU initiatives, APEC, ASEAN, CoE, ENISA, FIRST, G8, Meridian, NATO, AOS, OECD)

– International efforts (IMPACT, IEEE, IEC, ISO, INTREPOL, UNODC)

Overview of the current situation at national, regional, and international level